package com.google.code.virtualhockey.vhx.server.servlet.rpc

import javax.servlet.http.HttpServletRequest

/**
 * Checks the validity of a client side provided security token. Goes in pair
 * with the client side interface {@link ISecurityTokenProvider}.
 */
trait TSecurityTokenChecker {
  /**
   * Checks that the given client security token matches some information
   * retrieved from the given HttpServletRequest.
   *
   * @param strClientToken the client token submitted via GWT/RPC
   * @param rq the last servlet request
   * @throws WebInvalidSessionException thrown if the token validation fails
   */
  def checkSecurityToken( strClientToken: String, rq: HttpServletRequest ): Unit
}
